CVE-2010-4077

The ntty_ioctl_tiocgicount function in drivers/char/nozomi.c in the Linuxkernel 2.6.36.1 and earlier does not properly initialize a certainstructure member, which allows local users to obtain potentially sensitiveinformation from kernel stack memory via a TIOCGICOUNT ioctl call.

Ubuntu-Description

Dan Rosenberg discovered that multiple terminal ioctls did not correctlyinitialize structure memory. A local attacker could exploit this to readportions of kernel stack memory, leading to a loss of privacy.